Phishing is the most popular way to get someone facebook login data. There are some kind of Phishing attack, the most simple one is the hacker make fake facebook login account with an interface close with the real one. From that face page, victim will insert “E-mail Address” and “Password” which saved in .txt file. These data then taken by the hacker to get into victims facebook account and change the password with the new one.

2) Keylogging

Keylogging use a small program installed on the victims computer. This program will record all things that the victims type on their computer, also the login facebook data. The log will be send back to the attacker FTP network or from hackers e-mail.

3) Stealers

Almost 80% people use password saved in the browser to make it easier to login into facebook. This will make it easier but it can be dangerous. Stealer is software designed to take password saved in the victim’s browser.

4) Session Hijacking

Session Hijacking will be really effective if you access facebook with standard connection (http://…). This way is by stealing victim’s cookie browser which used for user authentication on a sites. Session hijacking is commonly used on local area network.

5) Sidejacking with Firesheep

Sidejacking is an alternate name for http session hijacking which specified on Wi-Fi user. To do Sidejacking attack, hackers commonly use software Firesheep, But Firesheep will only work if the attacker and the victim is inside the same Wi-Fi network.

6) Mobile Phone Hacking

Millions of people do facebook login from their mobile phone. If hacker can access the victim’s mobile phone, most likely the hacker can also access the victims account. it can also be done using software to monitor mobile phone like “Mobile Spy” and “Spy Phone Gold”

7) DNS Spoofing

If the attacker and victims is on the same computer network, attacker can use DNS spoofing or redirecting from the original facebook page to the fake one which made by the hacker.

8,) USB Hacking

This is usually used when the attacker have physical access to the victims computer. Hacker will insert USB device which already programmed automatically to take the password which saved in the browser.

9) Man In the Middle Attacks

This could happened when the hacker and the victim is within the same switch based network. Hacker will place itself between the victims and the server or act like gateway so it can capture all passing data. This way is also called ARP Poisoning.

10) Botnet

Botnet is actually not commonly used to hack into facebook login, because of the high cost. This is used for more advance attack. Basically this is a cooperation between some computer. The infection process is just like keylogging. The popular botnet are “SpyEye” and “Zeus”